Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e34322e302f32332d3233203d3e203135343139.roa
File: 38392e3131362e34322e302f32332d3233203d3e203135343139.roa (raw, json)
Hash identifier: /Sx3ZT56SijfaPfN0r7Rki9SbHf31MFkwpJxqoLjlyo=
Subject key identifier: 9C:8F:93:6A:B1:26:B9:E0:CF:C0:26:F4:0C:44:36:75:88:A2:DD:8F
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 53C0C7EC5F2539E255E04DA9589BA83B032D2EB3
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e34322e302f32332d3233203d3e203135343139.roa
Signing time: Fri 07 Jul 2023 08:08:17 +0000
ROA not before: Fri 07 Jul 2023 08:03:17 +0000
ROA not after: Fri 05 Jul 2024 08:08:17 +0000
asID: 15419
IP address blocks: 89.116.42.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:c0:c7:ec:5f:25:39:e2:55:e0:4d:a9:58:9b:a8:3b:03:2d:2e:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: Jul 7 08:03:17 2023 GMT
Not After : Jul 5 08:08:17 2024 GMT
Subject: CN=9C8F936AB126B9E0CFC026F40C44367588A2DD8F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:2d:ed:c4:9e:96:7e:10:a8:aa:cb:d0:46:ed:
94:1e:7e:2a:18:31:28:95:46:5e:6c:5d:41:43:a5:
1b:82:e9:30:fb:1e:65:bb:fe:f4:07:31:27:df:82:
f2:74:66:11:c9:68:09:bc:cf:48:8d:c0:45:4e:11:
b5:2a:b7:40:b5:32:10:12:ca:b9:8d:ba:2e:e4:b8:
3b:d0:59:64:8e:72:90:77:52:fb:68:2d:f3:17:93:
fd:ee:e8:32:95:03:23:3b:15:43:e8:77:16:23:58:
ca:f6:31:26:85:5a:9a:27:dd:af:4f:11:81:6d:cd:
2d:37:00:c8:df:ca:96:ff:ea:bf:99:c3:da:c6:64:
56:c4:b4:13:59:1d:6f:2d:d2:3f:3a:26:ae:c5:2f:
0e:3b:a3:bd:77:a4:0e:14:69:22:57:ce:fc:8f:87:
35:c8:cb:ec:33:b2:9f:ca:af:36:23:43:1e:d4:ee:
d5:de:79:01:48:24:6f:c4:1b:ff:a1:2c:97:26:e6:
2c:58:dd:d8:73:a8:ee:bb:bd:5f:ad:91:93:c5:7f:
a6:c7:f2:a4:48:15:3c:35:58:f6:64:6a:e8:9a:4a:
d6:47:ab:58:d1:17:18:ae:bd:1b:e3:d5:cc:86:ce:
a5:48:1e:c1:54:89:db:1c:ac:07:af:f7:fe:89:c1:
e5:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:8F:93:6A:B1:26:B9:E0:CF:C0:26:F4:0C:44:36:75:88:A2:DD:8F
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e34322e302f32332d3233203d3e203135343139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.116.42.0/23
Signature Algorithm: sha256WithRSAEncryption
4f:92:22:72:c0:99:39:41:62:eb:a9:4b:9d:97:8c:0a:dd:99:
d5:e1:eb:50:b4:57:56:cd:b7:e9:b1:29:b4:65:31:cd:08:3f:
35:fd:0b:f8:d9:59:f3:7f:70:89:e8:9c:33:25:26:ee:fb:f6:
f2:6f:60:ce:ad:44:df:bc:4f:7e:75:b3:64:d1:46:da:35:3a:
4e:fd:e2:19:48:9a:c6:f6:f1:fa:dd:e5:f9:21:52:8a:c6:63:
c7:7e:f4:5d:b1:da:40:5d:fb:16:b8:c6:34:49:51:b2:c8:05:
c6:04:38:ac:7b:ef:42:fe:c5:29:25:c6:51:bb:ae:bf:e2:3e:
50:26:26:a0:28:38:8b:7e:b9:91:f1:93:41:2f:84:a3:dc:7f:
d9:fa:a5:ba:62:39:08:af:72:f1:b6:68:74:e7:7e:a6:39:f9:
40:b8:75:01:e8:83:8b:34:1b:d7:98:77:b1:bb:0f:c6:5e:33:
75:81:9a:49:39:6e:dd:d6:10:16:63:e0:29:5c:d6:ab:16:02:
73:44:d2:54:3b:73:4f:20:b5:b5:a6:b9:5d:57:6b:69:ed:09:
d3:be:6e:56:85:2d:36:0b:d0:f0:37:a4:8b:9f:7d:b0:d8:92:
19:f9:a2:7a:e0:f6:1f:71:21:7a:ce:c4:8e:4e:2e:19:f1:fc:
6c:1e:d1:97
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUU8DH7F8lOeJV4E2pWJuoOwMtLrMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yMzA3MDcwODAzMTdaFw0yNDA3MDUwODA4MTdaMDMxMTAvBgNV
BAMTKDlDOEY5MzZBQjEyNkI5RTBDRkMwMjZGNDBDNDQzNjc1ODhBMkREOEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuLe3EnpZ+EKiqy9BG7ZQefioY
MSiVRl5sXUFDpRuC6TD7HmW7/vQHMSffgvJ0ZhHJaAm8z0iNwEVOEbUqt0C1MhAS
yrmNui7kuDvQWWSOcpB3UvtoLfMXk/3u6DKVAyM7FUPodxYjWMr2MSaFWpon3a9P
EYFtzS03AMjfypb/6r+Zw9rGZFbEtBNZHW8t0j86Jq7FLw47o713pA4UaSJXzvyP
hzXIy+wzsp/KrzYjQx7U7tXeeQFIJG/EG/+hLJcm5ixY3dhzqO67vV+tkZPFf6bH
8qRIFTw1WPZkauiaStZHq1jRFxiuvRvj1cyGzqVIHsFUidscrAev9/6JweU9AgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUnI+TarEmueDPwCb0DEQ2dYii3Y8wHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzgzOTJlMzEzMTM2MmUzNDMy
MmUzMDJmMzIzMzJkMzIzMzIwM2QzZTIwMzEzNTM0MzEzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVl0
KjANBgkqhkiG9w0BAQsFAAOCAQEAT5IicsCZOUFi66lLnZeMCt2Z1eHrULRXVs23
6bEptGUxzQg/Nf0L+NlZ839wieicMyUm7vv28m9gzq1E37xPfnWzZNFG2jU6Tv3i
GUiaxvbx+t3l+SFSisZjx370XbHaQF37FrjGNElRssgFxgQ4rHvvQv7FKSXGUbuu
v+I+UCYmoCg4i365kfGTQS+Eo9x/2fqlumI5CK9y8bZodOd+pjn5QLh1AeiDizQb
15h3sbsPxl4zdYGaSTlu3dYQFmPgKVzWqxYCc0TSVDtzTyC1taa5XVdrae0J075u
VoUtNgvQ8Deki599sNiSGfmieuD2H3Ehes7Ejk4uGfH8bB7Rlw==
-----END CERTIFICATE-----
Generated at Fri May 17 14:34:42 2024 by rpki-client on console-ams.rpki-client.org